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(54) Abstract Title 

Secure communication 

(57) A method is presented for validating a purchase instruction which a user transmits to a server by 
internet. The server accesses a database to obtain contact information for the user, e.g. a phone number, and 
transmits a validation code to the user using the contact information. The user returns the validation code to 
the server by internet, and so validates the purchase. 
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At least one drawing originally filed was informal and the print reproduced here is taken from a later filed formal copy. 
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Secure communication 

Field of the invention 

5 The present invention relates to methods and apparatus for securely transferring 

instructions over a telecommunications network, such as the internet. The invention is 
especially useful for instructing commercial transactions online. 

Background of the invention 

10 

Internet commerce is presently growing rapidly, and encompasses the 
purchase by users of goods, services and even information (e.g. it is now possible to 
pay to download music). 

To make a purchase, a user communicates purchase instructions via the 
IS internet to a website operated by a retailer. The instructions often include details of a 
credit card account held by the user. Typically, this data is printed on the credit card 
itself. The retailer accepts the purchase (e.g. the retailer may dispatch the purchased 
goods), and debits the user's credit card accordingly. 

The above system is subject to a security problem that the data on the credit 
20 card is accessible to any third party who gains access to the card. Such a person can 
remember the credit card data printed on the card, and make purchases on his own 
account at any later time. 

Often a single user will make multiple purchases from the same website over 
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an extended period of time. To avoid the necessity for a given user to transmit the 
same credit card data repeatedly, it is known for the website to maintain a database of 
credit card information for many respective users. Each user is supplied with (or 
chooses) identification data which identifies him. The identification data includes a 
5 password and normally also a user name. Whenever a user wishes to make a purchase 
from the website he supplies the website with his identification data. The website uses 
the identification data to access the database of credit card data, and extracts the credit 
card information for the user. 

This arrangement exacerbates the security problem identified above, since a 

ID third patty who gains access to the identification data can use the website to make 
purchases. Such a third party may, for example, be an operative of the retailer. 
Alternatively, the third party may gain access to the identification data because the 
user has recorded it somewhere (e.g. on paper) to avoid having to remember it In 
fact, the level of crime associated with online purchasing is rising rapidly. 

1 5 Although, as explained, the problem of internet security is particularly acute in 

the example of online purchasing, it arises in other cases also. Indeed, there are many 
instances in which a user wishes to communicate securely with a website. 

Summary of the invention 
20 The present invention seeks to provide methods and apparatus for secure 

internet communication, especially for transmitting purchase instructions to an 
internet retailer. 

In general terms the present invention proposes that user supplies a website 



with data indicating his identity. The website accesses a database of contact data in 
relation to a second telecommunications network, to find the contact data for the user. 
For example, the second telecommunications network may be a telephone network 
(e.g. a mobile telephone network), and the contact data may be the user's telephone 

5 number. The website contacts the user using the second telecommunications network 
to check the identity of the user. 

For example, the website may send the user a validation code. This may be 
sent as part of a message to a mobile phone owned by the user. The user reads the 
validation code, and sends it to the website by internet (c.g, by entering it onto a 

1 0 webpage presented on the user's browser). Thus, a third party will only be able to 
make use of the user* s account with the website if he has access to the 
telecommunications device in the second telecommunications network associated 
with the contact data. 

The database may be maintained by the website itself, as a database of its 

15 contacts. Alternatively, the database may be a database maintained by an operator of a 
the second telecommunications network. In fact, a plurality of telephone operators 
may maintain respective databases. The user may indicate his telephone number to the 
website, so that the website can contact the appropriate telephone operator, and thus 
the correct database. 

20 Having validated the identity of the user, the site may issue the bill in respect 

of the purchase to a credit card account in the normal manner (e.g. by asking the user 
to enter credit card details, or by accessing a database of previously entered credit card 
data). More preferably, however, the bill for the purchase may be paid from a 



Financial account associated with the second telecommunications network. For 
example, it may appear on the user's next monthly telephone bill. This obviates the 
need for any separate credit card account 

Brief description of the Figures 

An example of the invention will now be explained in detail, for the sake of example 
only, with reference 10 ihe following figures, in which: 

Figure 1 shows the screens presented to the user in a first embodiment of the 
invention; and 

Fig. 2 is a block diagram of the steps in a second embodiment of the invention. 

Detailed de scription of embodiments 

Referring firstly to Fig. I, the area labelled 1 represents schematically the 
display on a usefs browser at a certain instant, that is the user's screen. The screen i 
is a display generated by a server which functions as an online retailer. Screen 1 
indicates a list of items (e.g. a user's "shopping basket"). By checking the box (and 
perhaps clicking on a "purchase" button), the user indicates that he wants to pay for 
"item 2". 

The display then changes to screen 2, in which the user is invited to emer 
identification data, specifically his user name and password The server maintains a 
database of user names and passwords, so that it can verify the result. If he is 
unsuccessful in doing this, he is directed to screen 3, and is invited to retry. 

If he is successful, the user is directed to screen 4. At this point the server 



indicates that it is sending a message to a mobile phone (or other message reception 
device, such as a pager), and gives the number of the mobile phone. This number may 
be taken from a database which the server has accessed using the identification data, 
or alternatively the user may enter the telephone number himself into the screen 4. In 
the latter case, the feet that there is a user associated with the input identification data 
and the telephone number is verified (e.g. by contacting the operator of the telephone 
system). 

The display then changes to screen 5. The message sent to the mobile phone 
contains a validation code. The user can enter this, reading it from the screen of the 
mobile phone, and it is verified. If the user has entered the code unsuccessfully, he is 
directed to screen 6, and invited to retry- 

If the user enters the code successfully, he is directed to screen 7. The 
purchase is completed, and the server issues a bill to the account associated with the 
mobile telephone number. 

Turning to Fig. 2, a block diagram is shown of the nine payment steps in a 
second embodiment of the invention. 

At a first instant, the user is presented with a screen 1 1 , inviting him to specify 
whether the purchase is to be made by visa, in cash (e.g. transmitted to the website 
operator by post), or by a phone validation (e.g. according to the present invention). 

In step 1 , the user specifies that he wants a telephone validation. The screen 
changes to screen 12. The user is invited to input a user ID, password and telephone 
number (indicating a telephone account which the user wishes to use for the 
validation). Entering this data is step 2. 



All this data is verified (step 3) by accessing a database (e.g, maintained by the 
telephone operator) which contains the details of the user's name, password and 
telephone number. 

The retailer server then sends (step 4) a signal to an SMS (short message 
servive) server. The SMS server sends (step 5) a message to the telephone number 
specified by the user, containing a verification code (this may for example be 
generated by the retailer server using a random number generator, or generated by the 
SMS server itself and transmitted to the retailer server). 

In step 6 the user is presented with screen 1 3, and asked to enter the validation 
code, which he can read from the screen of his mobile phone. He does this in step 7. 

In step 8 the retailer server validates the validation code, which it has 
remembered. It then sends a bill to a billing agent, which may be in any industry with 
a conventional billing system in place, such as a telecommunications, utilities, 
banking or finance company. For example, it may be the operator of the mobile phone 
network. 

After the transaction is processed successfully, the user is sent a confirmation 
message (step 9). 

Although the invention has been explained above in relation to particular 
embodiments, many modifications ore possible within the scope of the invention as 
will be clear to a skilled person. For example, although the invention has been 
explained above in relation to instructing purchases, it is not limited in this respect 
Rather the method may be applied in any situation in which it is wished to verify the 
identity of a user. 
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Furthermore, although the method has been explained above with reference to 
a user communicating primarily by internet, the invention is applicable also in the 
case that the user communicates with the retailer by any other telecommunication 
network. For example, the user may be using a point of sales terminal, and view any 
5 of the screens shown in the embodiments on that terminal. 
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Claims 

1 . An internet-based method for validating a purchase instruction* the method 
comprising: 

5 receiving by internet, from a user, purchase information specifying a purchase 

the user wishes to make; 

receiving from the user by internet identification information indicating the 
identity of the user; 

using the identification information to extract, from a database, contact 
1 0 information for the user over a second telecommunication network; 

using the comaci information to transmit a validation code to the user over the 
second telecommunications network; 

receiving a validation code from the user by internet; and 
verifying that the validation code transmitted to the user corresponds to the 
1 5 val idation code received from the user. 

2. A method according to claim 1 in which the second telecommunications 
network is a telephone network, such as a mobile phone network. 

20 3. A method according to claim 1 or claim 2 in which said validation code is sent 
as a text message. 

4. A method according to any preceding claim further including debiting a 



financial account, associated with the user and with the second telecommunication 
work, in respect of the purchase. 

5 . A server system for operating internet commerce, the server having: 

interface generation means for generating a user interface to receive from a 

user purchase information specifying a purchase the user wishes to make, and 

identification information indicating the identity of the user, 

purchase satisfaction means for completing the purchase specified by the 

purchase information; 

extraction means for extracting from the database, containing contact 
information for a plurality of users over a second telecommunication network, said 
contact information for a specific user based on the identification information; and 

transmission means for transmitting a validation code to the user over the 
second telecommunications network based on the extracted contact information; 

the interface means being arranged to receive a validation code from the user 
by internet; and 

the server system further comprising means for verifying that the validation 
code transmitted to the user corresponds to the validation code received from the user, 
and in that case controlling the purchase satisfaction means to satisfy the purchase. 

6. A server system according to claim 5 in which the transmission means is 
arranged to transmit the validation code to the user by instructing a messaging service 
to transmit to the user, using the extracted contact data, a text message including the 
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validation code. 

7. A method of verifying the identity of a user, the method comprising: 

receiving from the user, via a first telecommunication network, identification 
5 information indicating the identity of the user; 

using the identification information to extract, from a database, contact 
information for the user over a second telecommunication network; 

using the contact information to transmit a validation code to the user over The 
second telecommunication network; 
0 receiving a validation code from tha user over the first telecommunication 

network; and 

verifying that the validation code transmitted to the user corresponds to the 
validation code received from the user. 
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